package com.p7.framework.permission.shiro.credentials;

import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * 自定义密码匹配器
 * @ClassName: CustomCredentialsMatcher 
 * @author yz
 * @date 2019年2月14日 下午4:03:34
 */
public class CustomCredentialsMatcher extends SimpleCredentialsMatcher {
    private static final Logger LOGGER = LoggerFactory.getLogger(CustomCredentialsMatcher.class);

    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
        String password = new String(usernamePasswordToken.getPassword());
        String dbPassword = (String) info.getCredentials();

        LOGGER.info("request username : {} , password : {}", usernamePasswordToken.getUsername(), password);
        if (!dbPassword.equalsIgnoreCase(password)) {
            LOGGER.info("@@@@@@@@账号密码错误,account:{}", usernamePasswordToken.getUsername());
            return false;
        }
        LOGGER.info("database username : {} , password : {}", usernamePasswordToken.getUsername(), dbPassword);


        return Boolean.TRUE;
    }
}
